- (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
[kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
[ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
platforms that don't have the requisite OpenSSL support. ok dtucker@
diff --git a/kexecdhs.c b/kexecdhs.c
index e49a0ef..d2c3feb 100644
--- a/kexecdhs.c
+++ b/kexecdhs.c
@@ -30,8 +30,6 @@
#include <string.h>
#include <signal.h>
-#include <openssl/ecdh.h>
-
#include "xmalloc.h"
#include "buffer.h"
#include "key.h"
@@ -46,6 +44,10 @@
#endif
#include "monitor_wrap.h"
+#ifdef OPENSSL_HAS_ECC
+
+#include <openssl/ecdh.h>
+
void
kexecdh_server(Kex *kex)
{
@@ -161,3 +163,10 @@
BN_clear_free(shared_secret);
kex_finish(kex);
}
+#else /* OPENSSL_HAS_ECC */
+void
+kexecdh_server(Kex *kex)
+{
+ fatal("ECC support is not enabled");
+}
+#endif /* OPENSSL_HAS_ECC */